Tutorial[How to] Secure your Windows network

New Member

Hi to all! With this thread, I'd like to mention some simple steps you could follow to lessen the attack surface of your Windows network. Not all steps are best for everybody. This guide involves disabling some protocols that for some users may be necessary, so please, take caution. Let's begin!

Step one
Turn on your hardware (router) firewall if available.

Step two
Use WPA2 encryption (with AES).

Step three
Go to Control Panel\Network and Sharing Center\Local Area Connection\Properties and disable all protocols except Internet Protocol Version 4 (TCP/IPv4).
(Note: some third-party firewalls use their own drivers, so be careful not to disable it)

Step four
On the same window, click on Internet Protocol Version 4 (TCP/IPv4) and then click Properties.
Click on Advanced in the General tab.
Go to the DNS tab and uncheck the 'Register this connection's addresses in DNS'.

Step five
On the same window, go to WINS tab and check the 'Disable NETBios over TCP/IP' setting.

Step six
Go to Device Manager, click on View and then check Show hidden devices.
Make sure in the Network section, that Teredo Tunneling Pseudo-Interface, WAN Miniport (IPv6) and Microsoft ISATAP Adapter are disabled.

Step seven
On Non-Plug and Play Drivers, do the following:
Find NETBT and Remote Access IPv6 ARP Driver > right-click and go to Properties > go to the Driver tab > on Startup change the option to Disabled.

Step eight
Open the Command Manager (Run as administrator) and type the following command:
netsh interface ipv4 set global mldlevel=none
It disables the IGMP protocol.

Disclaimer: review each step to make sure it won't render your computer unusable (no such chance, just a loss of internet connection). Undo the above one by one to find the culprit. Any suggestions are welcome!

Note: the following actions were performed in a Windows 7 32-bit system.

We use cookies to improve your browsing experience on our site, show personalized content and targeted ads, analyze site traffic, and understand where our audience is coming from.
By continuing to use this site, you are consenting to our use of cookies.